The proliferation of networked computer systems has opened up new possibilities with respect to how corporations and individuals conduct business. For example, end-users connected to a network, (e.g., the Internet), via a networked device such as a computer, PDA, cellular phone, etc., may conduct commercial transactions over the network to purchase services and/or merchandise, conduct financial transactions, or otherwise conduct business or perform personal transactions over the network. An inherent problem linked with online transactions is security, particularly when the transfer of moneys, funds and/or financial, personal or other confidential information is involved in the transaction.
Many conventional online transactions are conducted according to one of two different, but related, models. Both models employ a browser as the interface for handling information transfer between parties involved in the transaction. In the first model, a merchant offers goods or services online via a browser. The term “merchant” refers herein generally to any entity offering goods and/or services for purchase. The term merchant is not used to describe any particular commercial status or to describe a licensed seller, unless specifically stated. Rather, the term describes generically any seller or entity offering good and/or services for purchase or sale. The term service provider is used herein interchangeably with the term merchant and, unless otherwise stated, have the same meaning.
In a conventional online transaction, a merchant may have a website that describes, displays or otherwise offers goods and/or services for sale. An end-user indicates a desire to purchase one or more goods or services, typically by selecting the item via the browser interface. The browser then displays a transaction page that allows the end-user to select one or more payment types and to input information needed to complete the transaction. For example, the transactional page displayed by the browser may permit the end-user to select a payment type, such as credit card (e.g., VISA, MasterCard, American Express, etc.) and to input transactional information such as credit card number, card expiration date, etc. The transactional page may also query the end-user for personal information such as name, billing address, shipping address, etc. The end-user then submits the information and the merchant processes the submitted information.
In this first model, the merchant typically “owns” the website. That is, the merchant maintains the website, is responsible for the content, and receives and processes the transactional information provided by the end-user. The merchant may establish an account with the end-user before conducting the first transaction and the end-user may then access that account via a user established login and password each time the end-user conducts a transaction with the merchant. That is, the end-user typically chooses a login name and a password to be used in subsequent sessions or transactions. After the end-user has submitted the information queried by the transactional page(s), the merchant processes the information to make sure the information is sufficient to complete the transaction. For example, the merchant may ensure that the credit card number is valid and has sufficient funds to cover the cost of the goods and/or services.
The second model typically includes a third party transaction provider that handles the payment portion of the transaction. The third party forms a relationship with both the end-user and the merchant. In particular, the end-user may establish an account with the third party that can be accessed via a login and password as discussed above. To establish the account, the end-user may provide personal and payment information to the third party (i.e., the end-user may provide personal information identifying the user and payment information such as one or more credit card numbers, expiration dates, etc.) The end-user may also establish an electronic funds account by providing money to the third party transaction provider, the balance of which can be used to purchase online goods and/or services. The third party archives the account information provided by the end-user and/or maintains the end-user's balance.
The third party also establishes a relationship with the merchant, wherein the third party handles the payment processing of the transaction. In particular, the third party agrees to make payments to the merchant when an end-user with an account requests a transfer of funds to make a purchase. The merchant may provide the option of using the third party by signaling the availability of this option on its website where the goods and services are being sold. For example, when a user visits a merchant's website and decides to make a purchase, the user may then be presented with an option to pay for the purchase using the third party transaction provider.
When the end-user selects the option to pay for the purchase using the third party transaction provider, the end-user's browser is redirected to a website belonging to the third party transaction provider. The end-user then logs into his/her account via the login/password combination and selects a payment type (e.g., credit card) to use in the transaction, or requests a transfer of funds from the user's funds account to the merchant's account. Once the merchant determines that payment has been transferred appropriately by the transaction provider, the merchant can proceed to ship the purchased product or provide the purchased service to the end-user. In the second model, the third party is responsible for maintaining end-user personal and financial information and for processing the transaction.